﻿<?php
include "../connect.php";

	$ten_dn=$_POST['txtten_dn'];
	$mk_cu = $_POST['txtmk_cu'];
	$mk_moi = $_POST['txtmk_moi'];
	if($mk_moi != ""){		
		$mat_khau = $mk_moi;
	}
	else $mat_khau = $mk_cu;
	$email=$_POST['txtemail'];
	$dia_chi=$_POST['txtdia_chi'];
	$so_dt=$_POST['txtso_dt'];
	$quyen=0;
?>
<form name="frmTrolai" method="post" action="../index.php?noidung=canhan" >
<input type="hidden" name="txtten_dn" value="<?php echo $ten_dn; ?>"/>
<input type="hidden" name="txtmk" value="<?php echo $mat_khau; ?>"/>
<input type="hidden" name="txtemail" value="<?php echo $email; ?>"/>
<input type="hidden" name="txtdia_chi" value="<?php echo $dia_chi; ?>"/>
<input type="hidden" name="txtso_dt" value="<?php echo $so_dt; ?>"/>
<input type="hidden" name="txtquyen" value="<?php echo $quyen; ?>"/>

</form>
<?php
	$sql = "SELECT * FROM thanh_vien WHERE ten_dn = '$ten_dn' AND mat_khau = '$mk_cu'";
	$rs = mysql_query($sql);
	if(mysql_num_rows($rs) <= 0){
		echo "<script>
			alert('Mật khẩu cũ không đúng! Vui lòng nhập chính xác mật khẩu cũ!');
			document.frmTrolai.submit();
			</script>";
		exit;
	}
	
	$sql = "SELECT email FROM thanh_vien WHERE ten_dn='$ten_dn'";
	$rs = mysql_query($sql);
	$row = mysql_fetch_row($rs);
	$email_cu = $row[0];
	
	$sql1 = "SELECT email FROM thanh_vien";
	$rs1 = mysql_query($sql1);
	
	while($row1 = mysql_fetch_array($rs1)){
		if($email != $email_cu && $email == $row1[0]){
			echo "<script>
					alert('Email đã được sử dụng! Vui lòng nhập email khác!');
					document.frmTrolai.submit();
				</script>";
			exit;
		}
	}

    $sql = "UPDATE thanh_vien SET mat_khau = '$mat_khau',
								  email = '$email',
								  dia_chi = N'$dia_chi',
								  so_dt = '$so_dt' 
			WHERE TEN_DN = '$ten_dn'";	
//echo $sql;exit;			
	$rs=mysql_query($sql);
    if($rs){
		echo "<script>
			alert('Đã lưu cập nhật...');
		 	location.href='../index.php?noidung=canhan';
			</script>";
		exit;
	}else {
		echo "<script>
			alert('Chưa lưu được...');
			document.frmTrolai.submit();
			</script>";
		}
?>
